Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/FPT3e3osIsf1FNiSM8_DJA6ikTA.roa
File: FPT3e3osIsf1FNiSM8_DJA6ikTA.roa (raw, json)
Hash identifier: eHbcaslVfpyLwq2RTGkrH0pRicade7GaRKgvdJmgI6s=
Subject key identifier: 14:F4:F7:7B:7A:2C:22:C7:F5:14:D8:92:33:CF:C3:24:0E:A2:91:30
Certificate issuer: /CN=a9be16ce7db3be6905b1abef8be21a2319b0e43e
Certificate serial: 01857343B12EC6833036BF3A4C0144234DB4
Authority key identifier: A9:BE:16:CE:7D:B3:BE:69:05:B1:AB:EF:8B:E2:1A:23:19:B0:E4:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qb4Wzn2zvmkFsavvi-IaIxmw5D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/FPT3e3osIsf1FNiSM8_DJA6ikTA.roa
Signing time: Mon 02 Jan 2023 16:14:54 +0000
ROA not before: Mon 02 Jan 2023 16:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 192.107.51.0/24 maxlen: 24
192.107.56.0/21 maxlen: 21
192.107.52.0/22 maxlen: 22
192.107.64.0/19 maxlen: 19
192.107.96.0/22 maxlen: 22
192.107.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:b1:2e:c6:83:30:36:bf:3a:4c:01:44:23:4d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9be16ce7db3be6905b1abef8be21a2319b0e43e
Validity
Not Before: Jan 2 16:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14f4f77b7a2c22c7f514d89233cfc3240ea29130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0d:a8:cc:9d:a6:cf:aa:4a:f5:7e:ad:af:28:
09:3f:06:25:df:f2:80:3c:0d:96:e7:32:4f:c9:15:
a9:c4:d8:3f:1a:7f:95:c9:fd:5f:bb:f9:c7:82:8a:
07:4b:f4:f7:cc:83:e0:99:61:e6:29:f6:97:ac:7f:
ab:d8:35:40:ae:0b:9e:0d:dd:53:67:ca:4a:ca:6d:
15:f6:26:d6:a2:f2:bc:34:1f:0f:63:d5:69:24:c1:
89:25:b8:4e:83:1f:92:5b:0d:a9:ac:eb:8d:3d:81:
36:62:47:57:7c:8c:21:d4:2f:ec:07:e8:46:a2:23:
87:3c:25:d8:dd:ef:f7:62:d8:27:af:b1:0f:c6:d4:
6c:49:54:8a:fa:03:18:ce:50:34:8b:5f:3f:9e:20:
77:66:dc:6e:82:d7:43:28:83:fc:90:cf:f3:bc:10:
55:54:eb:e7:d1:b1:56:a5:dc:e1:c8:a1:fc:5c:76:
bb:32:2f:eb:29:43:20:c5:98:75:1a:c4:42:e4:e2:
03:54:81:6d:6f:e1:3f:ef:e6:1d:65:2e:cc:fa:27:
a0:71:7d:8b:00:81:25:b4:9e:b9:1b:da:b4:8b:42:
65:96:fb:7a:ce:34:b5:84:9f:70:c4:dc:81:fb:38:
d9:3a:31:31:1a:2b:5d:53:d4:49:ac:d1:39:19:7e:
74:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F4:F7:7B:7A:2C:22:C7:F5:14:D8:92:33:CF:C3:24:0E:A2:91:30
X509v3 Authority Key Identifier:
keyid:A9:BE:16:CE:7D:B3:BE:69:05:B1:AB:EF:8B:E2:1A:23:19:B0:E4:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qb4Wzn2zvmkFsavvi-IaIxmw5D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/FPT3e3osIsf1FNiSM8_DJA6ikTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/qb4Wzn2zvmkFsavvi-IaIxmw5D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.107.51.0-192.107.100.255
Signature Algorithm: sha256WithRSAEncryption
2c:8b:7f:f6:3e:50:02:aa:fd:84:e5:01:ba:b3:3b:95:a7:61:
20:72:3e:94:62:34:44:67:a8:0a:14:6c:0e:7c:85:88:69:3d:
dc:7c:d6:9d:fa:86:d4:8e:5a:de:76:92:37:9c:01:93:15:51:
9e:1a:e2:59:d4:a1:d5:c8:14:00:e1:08:37:f6:a5:5e:ba:dd:
12:c5:16:ec:c3:c3:fd:42:95:ed:69:07:01:b0:3f:28:be:4c:
59:a8:3b:42:6b:f2:e6:40:7f:37:9b:3e:b2:f9:58:47:92:7f:
ed:31:9d:a2:e6:03:38:7b:86:ab:36:bf:b1:c4:42:ab:ea:51:
21:1b:45:76:d6:8f:fa:f5:35:d6:66:20:c1:e3:9e:21:f3:f7:
a5:86:c8:43:1b:b9:25:f8:e5:9f:96:cf:63:2b:e7:0a:36:04:
81:6e:96:89:0a:c2:17:33:d5:5f:65:ac:76:a1:0c:6e:0e:c2:
ca:cc:e0:75:dc:71:b4:b0:14:5a:1b:1f:4c:fd:2d:e0:39:6f:
a3:a7:ed:e3:b9:46:51:ee:61:82:a4:e0:88:ff:8e:4a:75:dd:
12:fa:7a:53:17:f9:eb:24:91:31:0b:5d:7e:0f:16:a7:98:9b:
54:a7:20:f3:1a:39:8d:e5:0d:09:33:3b:e6:8a:c9:0b:72:18:
1e:00:8d:88
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVzQ7EuxoMwNr86TAFEI020MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YmUxNmNlN2RiM2JlNjkwNWIxYWJlZjhiZTIxYTIzMTli
MGU0M2UwHhcNMjMwMTAyMTYxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGY0Zjc3YjdhMmMyMmM3ZjUxNGQ4OTIzM2NmYzMyNDBlYTI5MTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ2ozJ2mz6pK9X6trygJPwYl3/KA
PA2W5zJPyRWpxNg/Gn+Vyf1fu/nHgooHS/T3zIPgmWHmKfaXrH+r2DVArgueDd1T
Z8pKym0V9ibWovK8NB8PY9VpJMGJJbhOgx+SWw2prOuNPYE2YkdXfIwh1C/sB+hG
oiOHPCXY3e/3Ytgnr7EPxtRsSVSK+gMYzlA0i18/niB3ZtxugtdDKIP8kM/zvBBV
VOvn0bFWpdzhyKH8XHa7Mi/rKUMgxZh1GsRC5OIDVIFtb+E/7+YdZS7M+iegcX2L
AIEltJ65G9q0i0Jllvt6zjS1hJ9wxNyB+zjZOjExGitdU9RJrNE5GX50hwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBT093t6LCLH9RTYkjPPwyQOopEwMB8GA1UdIwQY
MBaAFKm+Fs59s75pBbGr74viGiMZsOQ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWI0V3puMnp2bWtGc2F2dmktSWFJeG13NUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8xNmViNTktNjhhMy00MjE1LTgwOWYt
NzliMmU0MGUyYmQ4LzEvRlBUM2Uzb3NJc2YxRk5pU004X0RKQTZpa1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8xNmViNTktNjhhMy00MjE1LTgwOWYtNzliMmU0MGUyYmQ4
LzEvcWI0V3puMnp2bWtGc2F2dmktSWFJeG13NUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADAazMD
BADAa2QwDQYJKoZIhvcNAQELBQADggEBACyLf/Y+UAKq/YTlAbqzO5WnYSByPpRi
NERnqAoUbA58hYhpPdx81p36htSOWt52kjecAZMVUZ4a4lnUodXIFADhCDf2pV66
3RLFFuzDw/1Cle1pBwGwPyi+TFmoO0Jr8uZAfzebPrL5WEeSf+0xnaLmAzh7hqs2
v7HEQqvqUSEbRXbWj/r1NdZmIMHjniHz96WGyEMbuSX45Z+Wz2Mr5wo2BIFulokK
whcz1V9lrHahDG4OwsrM4HXccbSwFFobH0z9LeA5b6On7eO5RlHuYYKk4Ij/jkp1
3RL6elMX+eskkTELXX4PFqeYm1SnIPMaOY3lDQkzO+aKyQtyGB4AjYg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:03 2025 by rpki-client